Malicious log-in attempts

  • eljayr0

    (@eljayr0)


    3 days, 20 hours ago

    We have recently experienced an increase in malicious log-in attempts. We have now blocked the IP address and will monitor, but wondered if anyone else was also experiencing an increased attack? Is there an attempt to universally hack WordPress at the moment?

Viewing 1 replies (of 1 total)
  • Moderator Yui

    (@fierevere)

    永子

    3 days, 19 hours ago

    Its common issue (brute force password guessing attacks for most common passwords in the dictionary) Blocking individual IPs is not very effective measure,

    A) You can install a security plugin (i.e. Limit login attempts reloaded) or a security/hardening plugin which would offer more functions than just login protection

    B) Many providers use .htaccess to set HTTP auhorization password for /wp-admin/ (make sure to allow free access to admin-ajax.php there)

    C) For system administrators using Fail2Ban would be the most efficient and resources saving solution

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.